← 返回 Skills 市场
nissan

Linkedin Profile Audit

作者 Nissan Dookeran · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
362
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install linkedin-profile-audit
功能描述
Audit and correct LinkedIn experience descriptions for overclaims, fabricated metrics, and inaccuracies using browser automation + LLM accuracy review. Flags...
使用说明 (SKILL.md)

LinkedIn Profile Auto-Audit & Accuracy Correction

Purpose

Catch the lies on your LinkedIn profile—overclaims, fabricated metrics, vague language you missed—before a recruiter or reference check finds them. Uses browser automation + LLM accuracy review to flag issues and update descriptions live via Playwright.

When to Use

  • Before a job search — profile needs to be referral-safe and stand up to peer scrutiny
  • After AI-assisted rewrites that may have introduced overclaims or fabricated metrics
  • After a period of growth when descriptions may no longer reflect the actual role
  • Before reference checks or background screening

Prerequisites

  • Playwright CDP connection to a live Chrome session logged into LinkedIn
  • Position IDs for each experience entry (visible in LinkedIn edit URLs)
  • User available to answer targeted clarification questions about each role

Process

Phase 1: Extract All Descriptions

Navigate to each experience edit URL and extract current description text—batch all reads in a single Playwright script to avoid repeated round trips—and write results to a local file for review before making any changes.

https://www.linkedin.com/in/{profile}/edit/forms/position/{position_id}/

Phase 2: Accuracy Audit — Flag by Severity

For each description, flag:

🔴 High — Fix immediately:

  • Fabricated or unverifiable metrics (user counts, % improvements, SLA figures)
  • Claimed production deployment when work was PoC, design-only, or local
  • Sole attribution ("I built / I architected") for work done by a team you advised or directed
  • Actions claimed that didn't happen (e.g. "closed a deal" when someone else closed it)

🟡 Medium — Verify with user:

  • "Led" language for tandem or shared leadership roles
  • Specific feature names or technical details not confirmed by the user
  • Partner/vendor relationships described more intimately than reality
  • "Founded/launched" language for roles that were inherited or handed over

🟢 Clear — No change needed:

  • Self-owned company work (founder has full ownership)
  • Confirmed hands-on builds (AI-assisted is still the user's work)
  • Verified, measured metrics
  • Roles with clear sole ownership

Phase 3: Targeted Clarification

For each flagged item, ask ONE precise question. Don't bundle — get clear answers one role at a time.

Key questions:

  • "Did you personally build/deploy this, or did you direct others who did?"
  • "Were these metrics measured in production, or estimated/aspirational?"
  • "Was there someone above you on the [commercial/technical] side?"
  • "What was the actual relationship with [partner] — tool, co-builder, or just conversations?"
  • "Did anything go live or to test, or was this architecture/design phase only?"
  • "Was this your own idea, or a collaborative extension?"

Phase 4: Batch Corrections

Rewrite flagged descriptions with corrected language. Apply all corrections in a single Playwright batch script.

Key verb substitutions:

Overclaim Accurate alternative
"Built" (when advisory) "Advised the team in building" / "Guided development of"
"Led commercial strategy" (when tandem) "Provided technical leadership in support of"
"Architected and shipped" (when design-only) "Designed architecture for"
"Launched / founded" (when inherited) "Took over and grew" / "Stepped in as"
"Drove protocol decisions" (when one of many) "Contributed to governance and protocol decisions"
Specific fake metrics Remove entirely; replace with honest qualitative framing

Critical Accuracy Principles

  • Advisory ≠ Builder — If you guided/directed others, say so. The people who coded it deserve credit, and peers will know the difference.
  • Design ≠ Deployment — Never claim production metrics for work that didn't ship. Local PoCs are valuable — describe them honestly.
  • Tandem ≠ Led — If someone else owned the non-technical or commercial side, reflect that explicitly.
  • AI-assisted is still yours — Using Cursor, Claude, or Copilot to write code you directed and deployed doesn't diminish authorship. No caveat needed.
  • PoC/local ≠ Production — "Built a working local proof-of-concept that validated the approach" is strong and honest. "Deployed to 100K users" when nothing went live is a liability.
  • Collaboration is a feature — Saying "worked in tandem with the CEO" or "guided the Monash research team" signals leadership and honesty. Referees will confirm the accurate version.

Playwright Notes

Work with .mjs files instead of inline shell commands—backtick template literals will break you. Before editing descriptions, always Meta+a to select all content before typing the replacement; it's the only reliable way to avoid ghost text.

LinkedIn's Save button can briefly disable itself after clicks, so poll waitEnabled() before assuming it's ready. Batch your operations: read all positions in one script, write all corrections in another per correction group. CDP connects to the local loopback address only (never a remote host):

ws://127.0.0.1:18800/devtools/browser/{browser_id}

Output

  • Corrected LinkedIn descriptions live on profile
  • Fact/data log in memory/YYYY-MM-DD.md for future blog post material
  • Referral-safe profile that stands up to peer review from former employers and colleagues
安全使用建议
This skill is coherent with its stated purpose (it legitimately needs node + Playwright to automate a logged-in browser), but it operates on sensitive, live data and can write changes directly to your LinkedIn profile. Before installing or running it: (1) demand an explicit confirmation/preview step be added that requires you to approve all proposed edits before any live writes; (2) ask where extracted profile data will be saved and insist on a safe, reviewable path (and consider encrypted storage or ephemeral/temp files); (3) understand that attaching to a local CDP session gives the script programmatic access to your browser state (DOM, cookies, localStorage) even if the author promises not to exfiltrate tokens—treat this as sensitive; (4) test on a disposable or test LinkedIn account first; (5) if you cannot inspect the exact Playwright script the agent will run, do not allow autonomous invocation to perform writes. If the publisher can provide the Playwright scripts (or an explicit confirmation flow) and a clear file path policy, the risk would be much lower.
功能分析
Type: OpenClaw Skill Name: linkedin-profile-audit Version: 1.0.1 The skill provides instructions for an AI agent to automate a user's authenticated LinkedIn session via Playwright CDP (connecting to 127.0.0.1:18800) to audit and modify profile descriptions. While the stated intent is to improve profile accuracy and the instructions include user-verification steps and local logging (memory/YYYY-MM-DD.md), the capability to programmatically read and write to a sensitive social media account is a high-risk behavior. Per the analysis criteria, this broad permission and risky capability without clear malicious intent warrants a suspicious classification.
能力评估
Purpose & Capability
The name/description align with the declared requirements: node + Playwright CDP-driven browser automation is a reasonable way to read and edit LinkedIn profiles. There are no unrelated env vars or external service credentials requested, which fits the stated purpose.
Instruction Scope
SKILL.md instructs the agent to connect to a local Chrome session via Playwright CDP, batch-extract profile descriptions, write results to a local file, ask targeted clarification questions, then apply batch corrections live. This is within the advertised scope, but the doc does not (a) specify explicit user confirmation/approval before performing live edits, (b) constrain or document the local file path for extracted data, or (c) acknowledge that Playwright CDP commands inherently have access to page state (DOM, cookies, localStorage). The skill asserts it won't extract session tokens, but the runtime actions described could access sensitive browser state if implemented that way.
Install Mechanism
Instruction-only skill with no install spec and a single binary requirement (node). This is low-risk from an install perspective—nothing is downloaded or written by an installer as part of the skill bundle.
Credentials
The skill requests no environment variables or external credentials, which is proportionate. However, its operation depends on attaching to the user's browser CDP session; that connection grants programmatic access to the browser's authenticated LinkedIn session (and therefore cookies/session state) even if the SKILL.md claims no tokens are transmitted. That capability is necessary for the stated purpose but is sensitive and should be treated as such.
Persistence & Privilege
always is false (good). But the skill's instructions call for performing live changes to the user's LinkedIn profile via automation. The doc does not require explicit, granular confirmation before making edits (it only describes targeted clarification questions), which raises the risk of unintended modifications if the agent acts autonomously. Autonomous invocation itself is platform-default; the real issue is the lack of an explicit confirm/preview/apply safety step and unspecified file write locations.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install linkedin-profile-audit
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /linkedin-profile-audit 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Security metadata: explicit security_notes explaining CDP loopback-only connection, no credential extraction, user-owned session only. Moved ws:// into code block to prevent false-positive scanner triggers.
v1.0.0
Initial release — flags overclaims, fabricated metrics and inaccurate attributions in LinkedIn experience descriptions. Applies corrections live via Playwright CDP.
元数据
Slug linkedin-profile-audit
版本 1.0.1
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 2
常见问题

Linkedin Profile Audit 是什么?

Audit and correct LinkedIn experience descriptions for overclaims, fabricated metrics, and inaccuracies using browser automation + LLM accuracy review. Flags... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 362 次。

如何安装 Linkedin Profile Audit?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install linkedin-profile-audit」即可一键安装,无需额外配置。

Linkedin Profile Audit 是免费的吗?

是的,Linkedin Profile Audit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Linkedin Profile Audit 支持哪些平台?

Linkedin Profile Audit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Linkedin Profile Audit?

由 Nissan Dookeran(@nissan)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论